aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/main/java/org/traccar/api/resource/ServerResource.java7
1 files changed, 6 insertions, 1 deletions
diff --git a/src/main/java/org/traccar/api/resource/ServerResource.java b/src/main/java/org/traccar/api/resource/ServerResource.java
index 59ef642c8..1d88e5abc 100644
--- a/src/main/java/org/traccar/api/resource/ServerResource.java
+++ b/src/main/java/org/traccar/api/resource/ServerResource.java
@@ -140,7 +140,12 @@ public class ServerResource extends BaseResource {
permissionsService.checkAdmin(getUserId());
String root = config.getString(Keys.WEB_OVERRIDE, config.getString(Keys.WEB_PATH));
- var outputPath = Paths.get(root, path);
+ var rootPath = Paths.get(root).normalize();
+ var outputPath = rootPath.resolve(path).normalize();
+ if (!outputPath.startsWith(rootPath)) {
+ return Response.status(Response.Status.BAD_REQUEST).build();
+ }
+
var directoryPath = outputPath.getParent();
if (directoryPath != null) {
Files.createDirectories(directoryPath);